Complying with the latest in data protection

PCI COMPLIANCE SERVICES

PCI compliance can help reduce your risk of card fraud and data breach.

A Merchant Services Business Consultant will contact you within 24 hours.

Help reduce the risk of card fraud and data breaches

Merchants who work with M&T are automatically enrolled in our PCI Advance program. Get an external vulnerability scan, 24/7 live technical support, breach protection of up to $100,000 per incident and more.

Every business that works with credit card information is required to comply with the Payment Card Industry Data Security Standards (PCI DSS) to prevent cardholder data theft. Complying is good business, too. It can help reduce your company’s risk of credit card fraud and data breaches. Compliance is especially important for small companies — studies show that 58% of data breaches target small businesses, with the average cost of a breach at $200,000.* As security threats become more sophisticated and businesses struggle to keep up, M&T Bank’s PCI Compliance services provide practical help and peace of mind. 

Show your compliance

Complying with PCI DSS means establishing serious card data security. To be considered compliant, businesses must build and maintain a secure network, protect cardholder data, implement strong access control procedures and take other key measures for information security.

Get protected

The specific PCI DSS requirements that apply to your company depend on your card-handling practices and the number of card transactions you process.

A range of advantages

Ensuring PCI DSS compliance takes a multi-faceted effort. Solutions provided by M&T Bank include an external vulnerability scan and an online compliance reporting portal, as well as breach protection and reimbursement in case of a data breach.

Key Features

  • External Vulnerability Scan (3 IPs)
  • Online PCI Self-Assessment Questionnaire (SAQ)
  • Online compliance reporting portal
  • Non-compliance notification
  • Compliance reporting to merchant processor
  • Compliance certificate
  • 24/7 live technical support
  • MobileScan
  • PANscan® (Card discovery software for one machine)
  • Breach Protection (Up to $100,000 reimbursement in case of a breach)

Fraud Protection Services

GET FAMILIAR

Take advantage of solutions to protect your customers and your business. Learn more about M&T Fraud Protection Services.

Top questions, answered by our experts

To be considered PCI compliant, businesses must build and maintain a secure network, protect cardholder data, implement strong access control procedures and take other key measures for information security. 

Every business that works with credit card information is required to comply with the Payment Card Industry Data Security Standards (PCI DSS) to prevent cardholder data theft. The specific PCI DSS requirements that apply to your company depend on your card-handling practices and the number of card transactions you process.

Complying is good business. It can help reduce your company’s risk of credit card fraud and data breaches. As security threats become more sophisticated and businesses struggle to keep up, M&T Bank’s PCI compliance services provide practical help and peace of mind.

To self-assess your PCI compliance, you’ll need to follow 12 primary PCI DSS controls that address your system security and cardholder data protection. A modern POS system will include security features that will help you stay compliant without the need for continuous self-monitoring.

A robust POS system will include credit card encryption and tokenization and remove your need to store credit card information. Additional best practices include the maintenance of a firewall, unique passwords and restricted access to physical devices.

For most businesses, there are 12 primary PCI DSS controls to implement. They are divided into six sections and address the security of networks and systems, protection of payment card and cardholder data, system vulnerability management, access control, activity assessment and the maintenance of an in-house security policy. Depending on your business type and your credit card transaction volume, you could be subject to additional control requirements.

Complying with PCI DSS means establishing serious card data security and takes a multifaceted effort. M&T Bank can help. Our solutions include an external vulnerability scan and an online compliance reporting portal, as well as breach protection and reimbursement in case of a data breach. Get PCI compliance services that provide practical help and peace of mind.

Partner with M&T Bank

Hear from a Merchant Services Business Consultant directly or book an appointment with your nearest branch in person, on the phone or by video.

We will contact you within 24 hours.

* Hiscox Cyber Readiness Report, 2019; Breach Level Index - SecurityMetrics Guide to PCI DSS Compliance, 2021.